Code execution with escalated privilegesn vlnerability in Operation bridge Manager and Operations Bridge (containerized) products.
CVE-2020-11858

7.8HIGH

Key Information:

Vendor

Micro Focus

Status
Operation Bridge (containerized)
Operation Bridge Manager
Vendor
CVE Published:
27 October 2020

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2020-11858?

Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulneravility affects: 1.) Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) versions: 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. The vulnerability could allow local attackers to execute code with escalated privileges.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Operation Bridge (containerized) 2020.05

Operation Bridge (containerized) 2019.08

Operation Bridge (containerized) 2019.05

References

https://softwaresupport.softwaregrp.com/doc/KM03747658
x_refsource_MISC
https://softwaresupport.softwaregrp.com/doc/KM03747854
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-20-1326/
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Micro Focus would like to thank Pedro Ribeiro from Agile Information Security working with Trend Micro Zero Day Initiative for discovering and reporting the vulnerability
JSON
.